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Top Stories 

• The Michigan Department of Environmental Quality announced May 13 that Enbridge 
Energy will pay $75 million in penalties, and for the cleanup and restoration of areas 
affected by an 800,000 gallon oil spill in Talmadge Creek and the Kalamazoo River in 
2010. - Reuters (See item 1) 

• The cybersecurity services and training provider root9B discovered that the cyberespionage 
group APT28 has planned attacks on financial institutions in the U.S. and worldwide. - 
Securityweek (See item 4 ) 

• At least 7 people were killed and over 200 others were injured when an Amtrak Northeast 
Regional train headed to New York from Washington, D.C., derailed and rolled onto its 
side May 13. - WCAU 10 Philadelphia (See item 6) 

• The U.S. Federal Communications Commission and multiple State officials announced 
May 12 that Sprint and Verizon Wireless will pay $158 million in penalties and refunds to 
consumers nationwide in a mobile cramming settlement. - Baltimore Sun (See item 21 ) 
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Energy Sector 



1. May 13, Reuters - (Michigan) Enbridge to pay $75mln to settle 2010 oil spill- 
Michigan officials. The Michigan Department of Environmental Quality announced 
May 13 that Enbridge Energy will pay $75 million in a settlement that includes the 
cleanup and restoration of areas affected by a 2010 pipeline spill that dumped 800,000 
gallons of oil into Talmadge Creek and the Kalamazoo River. 

Source: http://www.reuters.com/article/2015/05/13/enbridge-inc-michigan-oilspill- 
idUSLlN0Y40O82015Q513 
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Chemical Industry Sector 

Nothing to report 
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Nuclear Reactors, Materials, and Waste Sector 

Nothing to report 
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Critical Manufacturing Sector 

2. May 13, Associated Press - (National) More vehicles recalled for problem Takata 
air bag inflators that can deploy abnormally. Toyota Motor Corp. and Nissan Motor 
Co. expanded existing recalls of about 963,000 vehicles in the U.S. due to issues with 
Takata Corporation-manufactured air bags that could cause them to deploy abnormally 
or rupture, raising risks of crash and injury. The recall covers model years 2003 - 2007 
Toyota Corolla, RAV4, and Tundra and model years 2004 - 2007 Nissan Sentra, 
Caravan, and X-Trail vehicles. 

Source: http://www.usnews.com/news/business/articles/2015/05/13/more-vehicles- 
recalled-for-problem-takata-air-bag-inflators 

3. May 12, U.S. Department of Labor - (Illinois) Auto parts manufacturer ignores 
safety rules for machines, puts workers at risk of amputation and being hit by 
equipment. The Occupational Safety and Health Administration cited USA 
Technologies Inc., of Peoria, May 12 for 2 willful and 8 serious safety and health 
violations after finding that the company exposed workers to amputation hazards and 
failed to provide proper safety equipment, among other issues. Proposed fines total 
$114,100. 

Source: 

https://www.osha.gov/pls/oshaweb/owadisp.show document?p table=NEWS RELEA 
SES&p id=27954 
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Defense Industrial Base Sector 

Nothing to report 
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Financial Services Sector 

4. May 13, Securityweek - (International) Russian cyber espionage group planning to 
hit banks: Report. The cybersecurity services and training provider root9B discovered 
that the cyberespionage group APT28, also known as Pawn Storm, Sednit, Fancy Bear, 
Tsar Team, and Sofacy, has planned attacks on financial institutions worldwide 
including Bank of America, The United Nations Children’s Fund, and others. The 
group was previously linked to Russia by cybersecurity experts. 

Source: http://www.securitvweek.com/mssian-cyber-espionage-group-planning-hit- 
banks-report 

5. May 12, Reuters - (International) Nomura, RBS face $805 million damages after 
U.S. ruling -lawyer. A U.S. District Judge ruled May 11 that Nomura Holdings Inc., 
and the Royal Bank of Scotland Group Pic., were liable for making false statements in 
the sale of mortgage-backed securities to Fannie Mae and Freddie Mac. Officials 
estimated that the damages owed to the Federal Housing Finance Agency could exceed 
$805 million, while the exact amount is yet to be determined. 

Source: http://www.reuters.com/article/2015/05/12/fhfa-nomura-hldgs-damages- 
idUSLlN0Y323420150512 
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Transportation Systems Sector 

6. May 13, WCAU 10 Philadelphia - (Pennsylvania) At least 7 dead, over 200 hurt after 
Amtrak train derails, rolls on side in Philadelphia. At least 7 people were killed and 
over 200 people were injured when 7 cars of an Amtrak Northeast Regional train 
headed to New York from Washington, D.C., derailed and rolled onto its side in the 
Port Richmond section of Philadelphia May 13. Service on Amtrak’s Northeast 
Corridor between New York and Philadelphia was suspended in addition to service on 
the Southeastern Pennsylvania Transportation Authority’s Trenton Regional Rail line 
until further notice while authorities investigate the accident. 

Source: http://www.nbcphiladelphia.com/news/local/Amtrak-Derailment-Philadelphia-- 
303536331.html 

7. May 12, Associated Press - (Hawaii) Hawaiian Airlines plane makes emergency 
landing on Maui. A Hawaiian Airlines flight headed to Kailua- Kona from Honolulu 
made an emergency landing on Maui shortly after takeoff May 12 due to an issue with 
the left engine. Firefighters sprayed the engine with foam after authorities determined 
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that smoke was coming from the engine and no fire was visible. 

Source: http://abcnews.go.com/US/wireStorv/hawaiian-airlines-plane-makes- 
emergency-landing-maui-30991 8 12 

8. May 12, Northwest Florida Daily News - (Florida) Hydrochloric acid shuts down 
bridge for hours. Northbound lanes of the Cinco Bayou Bridge in Fort Walton Beach, 
Florida, were closed for nearly 4 hours May 12 while a HAZMAT team safely removed 
four, 1 -gallon bottles of hydrochloric acid that were found bubbling and smoking on 
the roadway. 

Source: http://www.nwfdailynews.com/local/eglin-parkwav-closed-for-chemical-spill- 
1.476962 
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Food and Agriculture Sector 

9. May 12, U.S. Department of Agriculture - (Nebraska) USDA confirms highly 
pathogenic H5N2 avian influenza in Dixon County, Nebraska. The U.S. Department 
of Agriculture confirmed May 12 the presence of H5H2 avian influenza in a 
commercial layer flock of 1.7 million chickens in Dixon County, Nebraska, after 
samples were tested from the flock due to an increase in mortality. Federal and State 
officials placed the premises and birds under quarantine and will depopulate the 
property in order to prevent the spread of the disease. 

Source: 

http://www.aphis.usda.gov/wps/portal/aphis/newsroom/news/sa stakeholder announce 
ments/sa by date/sa 2015/sa 05/ct hpai nebraska/!ut/p/a0/04 Si9CPykssy0xPLMnM 
zOvMAfGizOK9 D 2MD J OMi DzdXU yMDT zdP A2c Atz 8 i T 1 dTPULshO V AbiDHEw !/ 
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Water and Wastewater Systems Sector 

10. May 12, Orange County Register - (California) Water main break spills thousands 
of gallons, forces closure of Fullerton street. A water main break in Fullerton caused 
about 50,000 gallons of water to be released, forcing the closure of Associated Road 
between Imperial Highway and Rolling Hills Drive while crews worked to repair the 
break to the 8-inch main. Water service was shut off for several hours during repairs. 
Source: http://www.ocregister.com/articles/fullerton-661455-break-main.html 

11. May 12, KHON 2 Honolulu - (Hawaii) City cleans wastewater spill near Chinatown, 
warning signs posted. The Hawaii Department of Health was notified May 1 1 of a 
6,100-gallon spill of wastewater in Nuuanu Stream caused by a blockage in a 
wastewater pipe. City officials placed warning signs May 12 along the stream while 
crews worked to clean up the spill and inspect the pipe for damage. 

Source: http://khon2.com/2015/05/ll/citv-cleans-wastewater-spill-near-chinatown- 
waming-signs-posted/ 
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Healthcare and Public Health Sector 

Nothing to report 
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Government Facilities Sector 

12. May 13, Fort Myers News-Press - (Florida) More than 3,414 acres on fire Tuesday 
at Big Cypress Preserve. Crews reached 20 percent containment May 13 of a 3,414- 
acre wildfire burning in the Big Cypress National Preserve in Florida. 

Source: http://www.news-press.com/storv/news/2015/05/12/firefighters-challenged-bv- 
big-cypress-preserve-fire/27 1 85537/ 

13. May 12, WXI1 12 Winston-Salem - (North Carolina) Students taken to hospital after 
school bus crash in Davidson County. A school bus driver and three students were 
transported to a local hospital after a Pilot Elementary School bus went off the road and 
drove down an embankment in Davidson County May 12. 

Source: http://www.wxiil2.com/news/iniuries-reported-in-davidson-co-school-bus- 
crash/32958886 

14. May 12, WVIT 30 New Britain - (Connecticut) 2 dozen kids hospitalized after school 
bus crash in Manchester. A Bolton Elementary School bus rear-ended a vehicle on 
Interstate 384 westbound in Manchester, Connecticut, causing 25 students, 2 adults, 
and 1 child to be transported to area hospitals due to injuries May 12. 

Source: http://www.nbcconnecticut.com/news/local/School-Bus-Crash-Interstate-384- 
Manchester-Injuries-Children-Students-30349489 1 .html 
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Emergency Services Sector 

15. May 12, WKRN 2 Nashville - (Tennessee) Intentional fire leads to evacuation of 
Coffee County jail. Inmates at the Coffee County jail in Tennessee were evacuated 
and transported to a nearby facility May 12 after personal belongings in a cell were 
intentionally set on fire, causing extensive damage to the building. 

Source: http://wkxn.com/2015/05/12/female-inmates-rnoved-to-new-iail-in-coffee- 
county-due-to-fire/ 
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Information Technology Sector 

16. May 13, Softpedia - (International) Flash Player 17.0.0.188 addresses security holes. 
Adobe released updates for Flash Player that fixed 18 vulnerabilities, including 10 
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memory corruption, heap overflow, integer overflow, type confusion, and use-after-free 
bugs that could allow an attacker to run arbitrary code on an affected system. 

Source: http://news.softpedia.com/news/Flash-Plaver-17-0-0-188-Addresses-18- 
Security-Holes-481046.shtml 



17. May 13, Softpedia - (International) Mozilla Firefox 38 fixes 13 vulnerabilities, 5 are 
critical. Mozilla released fixes for 13 vulnerabilities in Firefox version 38, including 5 
critical flaws that could be leveraged to execute arbitrary code or read parts of the 
memory containing sensitive data. The update also added support for Digital Rights 
Management (DRM), among other improvements. 

Source: http://news.softpedia.com/news/Mozilla-Firefox-38-Fixes-13-Vulnerabilities- 
5-Are-Critical-481034.shtml 



18. May 13, Softpedia - (International) Adobe rolls out critical update for Reader and 
Acrobat. Adobe released new versions for Acrobat and Reader PDF software patching 
34 vulnerabilities, 17 of which include use-after-free, heap-based buffer overflow, and 
buffer overflow to memory corruption bugs that could have allowed an attacker to 
execute arbitrary code and take control of an affected system. 

Source: http://news.softpedia.com/news/Adobe-Rolls-Qut-Critical-Update-for-Reader- 
and- Acrobat-48 1014.shtml 



19. May 13, IDG News Service - (International) Microsoft fixes 46 flaws in Windows, IE, 
Office, other products. Microsoft released patches addressing 46 vulnerabilities across 
various products, including 3 critical security bulletins that covered remote code 
execution flaws in Windows, Internet Explorer, Office, Microsoft .NET Framework, 
Lync, and Silverlight. 

Source: http://www.networkworld.com/article/2922093/microsoft-fixes-46-flaws-in- 
windows-ie-office-other-products.html#tk.rss all 

20. May 13, Threatpost - (International) “VENOM” flaw in virtualization software 
could lead to VM escapes, data theft. Security researchers from CrowdStrike 
discovered a vulnerability in virtualization platforms in which an attacker could exploit 
a flaw in the virtual floppy disk controller component of the QEMU open-source 
visualization package to escape from a guest virtual machine (VM) to gain code 
execution on the host in addition to any other VMs running on the affected system. The 
bug has been dubbed VENOM and affects a variety of virtualization software running 
on all major operating systems (OS’). 

Source: https://threatpost.com/venom-flaw-in-virtualization-software-could-lead-to- 
vm-escapes-data-theft/1 12772 

Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or 
visit their Web site: http://www.us-cert.gov 

Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and 
Analysis Center) Web site: http://www.it-isac.org 
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Communications Sector 



21. May 12, Baltimore Sun - (National) Sprint and Verizon Wireless to pay $158 million 
in mobile ‘cramming’ settlement. The U.S. Federal Communications Commission 
along with officials in several States announced May 12 that Sprint and Verizon 
Wireless will pay $158 million in penalties and refunds to consumers nationwide under 
a settlement holding the 2 mobile carriers accountable of unauthorized charges for 
third-party services, also known as mobile cramming. 

Source: http://www.baltimoresun.com/business/consuming-interests-blog/bs-bz-sprint- 
verizon-cramming-settlement-20150512-story.html 
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Commercial Facilities Sector 

22. May 13, Springfield Republican - (Massachusetts) Blaze guts Chestnut Street 
condominium, prompts evacuation of 100-plus residents, Springfield Fire 
Department says. More than 100 residents were evacuated for several hours from a 
condominium complex in Springfield, Massachusetts, May 12 due to a fire that began 
in the living room of a unit. 

Source: 

http://www.masslive.com/news/index.ssf/2015/05/blaze guts chestnut street con.html 

23. May 13, WUSA 9 Washington D.C. - (Virginia) Va. apartments evacuated due to 
high CO readings. High carbon monoxide readings in the parking garage of 2 garden 
apartment buildings in Fairfax County prompted the evacuation of residents from 108 
units for more than 3 hours May 12 while the building was aired out. Officials 
determined that a maintenance crew using gasoline power washers caused the high 
reading levels of carbon monoxide. 

Source: http://www.wusa9.com/storv/news/local/virginia/2015/05/13/co-evacuation- 
virginia-apartment -buildings/27228339/ 

24. May 12, Chester County Daily Local News - (Pennsylvania) Six stores damaged in 
Downingtown fire. Six stores and the entire roof of the North Park Plaza strip mall in 
Downingtown suffered extensive damage due to a May 12 fire that caused more than 
150 firefighters from 7 fire companies to respond to the plaza. Surrounding buildings 
were evacuated for several hours and authorities are investigating the cause of the fire. 
Source: http://www.dailvlocal.com/general-news/20150512/six-stores-damaged-in- 
downingtown-fire 

25. May 12, U.S. Department of Labor - (Connecticut) Forever 21 Retail Inc. store in 
Connecticut among those endangering employees because of obstructed 
emergency exit routes. The U.S. Department of Labor announced May 12 that the 
Forever 21 retail store at Westfarms Mall in Farmington was cited for placing 
employees in danger after inspections in 2014 found emergency exits blocked by piles 
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of store inventory. Proposed fines total $165,000. 

Source: 

https://www.osha.gov/pls/oshaweb/owadisp.show document?p table=NEWS RELEA 
SES&p id=27945 

For another story, see item 4 
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Dams Sector 



Nothing to report 
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Department of Homeland Security (DHS) 

DHS Daily Open Source Infrastructure Report Contact Information 



About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] 
summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily 
Open Source Infrastructure Report is archived for 10 days on the Department of Homeland Security Web site: 
http://www.dhs.gov/IPDailyReport 

Contact Information 

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS 

Daily Report Team at (703) 942-8590 

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow 

instructions to Get e-mail updates when this information changes . 

Removal from Distribution List: Send mail to support @ govdelivery.com . 



Contact DHS 

To report physical infrastructure incidents or to request information, please contact the National Infrastructure 
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201. 

To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit 
their Web page at www.us-cert.gov . 

Department of Homeland Security Disclaimer 

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform 
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright 
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source 
material. 
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